HACL Packages

Franziskus Kiefer
June 7, 2022

Earlier this year, Tezos and Nomadic Labs started to work with Cryspen to improve HACL* and ensure that it is a viable long-term solution for Tezos' cryptographic needs. HACL is a set of high assurance cryptographic primitives used by Tezos for most of its cryptography.

The original HACL* has been developed as part of Project Everest and is a collection of high-assurance cryptographic algorithms. Its source is written in F*, which is used to generate C code. It also contains verified assembly code from the Vale project and an agile multiplexed cryptographic provider called EverCrypt.

To ensure the long-term viability of the software, Cryspen is building a usable cryptography library based on the research artefacts from HACL*. The new library lives in the new hacl-packages repository, where several cryptographic packages are developed by Cryspen. In particular, it contains a portable C crypto library that selects optimised implementations for each platform and Rust, OCaml, and JavaScript bindings for this library.

To increase the usability and performance of the library, Cryspen is also in the process of improving some algorithms, adding more usable APIs, and writing documentation.

We reached the first milestone for the HACL transition by providing a library that is easy to build and use on all major platforms and operating systems.

The library is still a work in progress, and especially the bindings for other languages such as OCaml, Rust, and JavaScript have not all been moved or finished yet. But we think this is a good point to let everyone know we’re working on this project and that the library can be used now.

If you use cryptography anywhere, we’d be happy if you used HACL and told us if it’s working for you or (why) not.

Please get in touch if you have any questions about high assurance cryptography or the HACL library in particular.

If you want to learn more about HACL and previous efforts around the library in the Tezos ecosystem, there’s a great blog post by Victor from Nomadic Labs.